Random "No Reachable Authority" from "EWR" 1.1.1.1

What is the name of the domain?

lcd115.lcdevops.com

Please include test result URL when you create a post in the community forum. Paste the results from → 1.1.1.1 — the Internet’s Fastest, Privacy-First DNS Resolver

What is the error number?

EDE: 22 (No Reachable Authority)

What is the error message?

EDE: 22 (No Reachable Authority): (time limit exceeded)

What is the issue you’re encountering

Intermittent / Random DNS lookup fails on 1.1.1.1 and 1.0.0.1 for some domains from the “EWR” data center

What are the steps to reproduce the issue?

This issue started on 6/18/2024 and has been ongoing

If I run the following command from any VM I have in the Digital Ocean NY3 data center

 while true; do time dig @1.1.1.1 lcd115.lcdevops.com; sleep 1; done

I will RANDOMLY get the following SERVFAIL


; <<>> DiG 9.11.20-RedHat-9.11.20-5.el8 <<>> @1.1.1.1 lcd115.lcdevops.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 42918
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; EDE: 22 (No Reachable Authority): (time limit exceeded)
;; QUESTION SECTION:
;lcd115.lcdevops.com.           IN      A

;; Query time: 4006 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Mon Jun 24 17:22:25 UTC 2024
;; MSG SIZE  rcvd: 73

It may have 8 or 10 successes and then a single fail

I have tried this on other domains as well, and experience the same issue (lucit.cc, as well as a third-party service at api-prod.corelogic.com)

When I run these tests on my localhost that connects to “MSP” I do NOT receive these errors

I believe, to repproduce the issue, all you have to do is run the following from any VM that is connected to the “EWR” data center

while true; do time dig @1.1.1.1 lcd115.lcdevops.com; sleep 1; done

I believe there may be an issue with EWR and some domains

When I use Google’s 8.8.8.8 I do NOT get this error

Update for anyone that comes across this - As of 6/26/24 this issue does seem to now be resolved. (It seems to have resolved at some point in the last 24 hours)

The issue lasted from 6/18 - 6/24 and it does appear there was some issue with EWR being able to retrieve some results during this time

Hi @eric100 sorry about the issues you’ve experienced. I have seen this pop up in various colos near AS14061 DCs recently. We’re working on ways to make attack mitigation more targeted, so over time it should be less likely for your queries to be running into time budget.

Thanks @mvavrusa ! -

Does this specific issue have to do with detecting our requests as attacks? -

We may be able to convert some of our nodes to do more caching if this is the case

Hi @eric100 no unless you’re sending attack traffic or large domain scans or something of that sort. But send us an email to resolver at cloudflare.com if you have any particular deployment requirements. There have been frequent attacks from AS14061, if you’re getting “(time limit exceeded)” it’s most likely your neighboring IPs in the same DC exhausted the time budgets for your VM as well.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.